Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/hy6hF8IrSbLW-TjHkOXgnrrCoDU.roa
File: hy6hF8IrSbLW-TjHkOXgnrrCoDU.roa (raw, json)
Hash identifier: pjf4/0c2MAPmUgVS7da/JF59OCPuqewffqw3073TPIM=
Subject key identifier: 87:2E:A1:17:C2:2B:49:B2:D6:F9:38:C7:90:E5:E0:9E:BA:C2:A0:35
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1866
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/hy6hF8IrSbLW-TjHkOXgnrrCoDU.roa
Signing time: Thu 25 Apr 2024 00:53:40 +0000
ROA not before: Thu 25 Apr 2024 00:53:40 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6246 (0x1866)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 25 00:53:40 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=872EA117C22B49B2D6F938C790E5E09EBAC2A035
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:7a:73:6c:93:54:e7:53:3e:2c:1d:1c:03:70:
00:64:2f:54:e8:65:f4:3c:39:26:54:32:ad:3c:f2:
02:00:82:94:22:e2:15:78:06:71:8a:90:fd:cd:7e:
35:89:ca:0c:fe:19:04:bd:28:4c:c4:77:5b:6e:78:
13:9e:57:9c:aa:25:3b:d8:5f:7e:28:af:b0:b1:31:
63:88:a7:a8:00:23:62:7c:3d:cf:14:17:54:52:9a:
7a:d8:ae:77:62:e6:ab:04:dd:a8:be:36:50:50:67:
2b:d8:54:45:1e:b7:d0:11:cc:cc:0e:b5:e9:0b:9d:
9e:4e:b2:5b:21:9e:96:d2:ed:0c:1b:1e:48:a0:d6:
12:91:b6:62:35:83:d3:30:07:75:aa:bf:32:e3:78:
a6:fa:4e:59:15:c1:19:db:5a:10:5e:43:de:f8:56:
33:f4:69:b8:24:2b:ab:37:11:96:cc:07:76:ac:a2:
aa:95:52:cf:43:1e:a2:71:10:28:d3:6d:af:59:80:
37:85:7d:b1:a1:a0:9d:be:d4:ec:dd:2e:33:fe:75:
be:56:8c:5d:7e:44:6c:36:c8:40:86:18:80:97:90:
08:ef:cd:d7:01:11:17:4b:6e:fe:d4:20:3a:9c:8b:
e4:c0:2f:f1:97:8b:81:87:79:80:2d:89:5a:9e:6c:
99:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:2E:A1:17:C2:2B:49:B2:D6:F9:38:C7:90:E5:E0:9E:BA:C2:A0:35
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/hy6hF8IrSbLW-TjHkOXgnrrCoDU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
56:68:18:75:55:94:a8:41:86:68:1c:03:ef:87:40:42:ee:26:
30:05:72:72:18:12:d7:d2:b6:6f:24:16:3d:f8:97:b5:d0:63:
8a:f0:6f:12:47:3a:b4:7a:a0:18:87:82:02:3a:ab:77:f5:3a:
96:47:22:79:7f:64:7b:d3:8f:ef:85:1b:51:91:af:43:54:ed:
72:42:36:6f:21:9c:df:c2:46:93:63:94:4c:c7:d1:c7:f5:d4:
03:f1:ba:fd:59:b1:da:86:d2:1b:74:f5:33:28:8b:db:5c:d4:
75:74:68:8e:ee:a6:86:cd:e6:75:b5:a8:a2:1d:a4:81:6a:23:
10:ce:b3:8e:2d:84:8e:8c:98:c5:93:84:30:07:84:f0:f5:36:
81:63:73:cc:e0:ff:96:a9:ab:05:23:91:3f:64:22:32:6c:a1:
04:87:5d:bd:ce:17:f4:b9:81:03:3b:e5:39:c4:45:99:4a:31:
9d:fc:28:20:19:ca:0a:4f:8a:dc:03:ff:e8:30:18:cb:00:4f:
3d:ef:79:bc:37:39:82:7b:e8:ea:37:00:c3:d0:68:e7:d0:2e:
7f:07:c8:b1:36:29:d4:2f:60:e7:5b:26:cf:3f:51:12:9f:8c:
15:17:07:c9:3d:10:12:29:90:66:a7:52:44:18:0d:57:f0:20:
75:a0:8b:b3
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGGYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MjUw
MDUzNDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg3MkVBMTE3QzIyQjQ5
QjJENkY5MzhDNzkwRTVFMDlFQkFDMkEwMzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYenNsk1TnUz4sHRwDcABkL1ToZfQ8OSZUMq088gIAgpQi4hV4
BnGKkP3NfjWJygz+GQS9KEzEd1tueBOeV5yqJTvYX34or7CxMWOIp6gAI2J8Pc8U
F1RSmnrYrndi5qsE3ai+NlBQZyvYVEUet9ARzMwOtekLnZ5OslshnpbS7QwbHkig
1hKRtmI1g9MwB3WqvzLjeKb6TlkVwRnbWhBeQ974VjP0abgkK6s3EZbMB3asoqqV
Us9DHqJxECjTba9ZgDeFfbGhoJ2+1OzdLjP+db5WjF1+RGw2yECGGICXkAjvzdcB
ERdLbv7UIDqci+TAL/GXi4GHeYAtiVqebJl7AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUhy6hF8IrSbLW+TjHkOXgnrrCoDUwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2h5NmhGOElyU2JMVy1U
akhrT1hnbnJyQ29EVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAVmgYdVWUqEGGaBwD74dAQu4mMAVychgS
19K2byQWPfiXtdBjivBvEkc6tHqgGIeCAjqrd/U6lkcieX9ke9OP74UbUZGvQ1Tt
ckI2byGc38JGk2OUTMfRx/XUA/G6/Vmx2obSG3T1MyiL21zUdXRoju6mhs3mdbWo
oh2kgWojEM6zji2EjoyYxZOEMAeE8PU2gWNzzOD/lqmrBSORP2QiMmyhBIddvc4X
9LmBAzvlOcRFmUoxnfwoIBnKCk+K3AP/6DAYywBPPe95vDc5gnvo6jcAw9Bo59Au
fwfIsTYp1C9g51smzz9REp+MFRcHyT0QEimQZqdSRBgNV/AgdaCLsw==
-----END CERTIFICATE-----
Generated at Thu Apr 25 02:11:57 2024 by rpki-client on console-fra.rpki-client.org